Migrate the client-side extensions configuration

We can migrate the Web Services Security client-side extensions configuration for a Java EE Version 1.3 application to a Java EE Version 1.4 application.

The following table lists the mappings of the top-level sections
under the client-side Security Extensions tab for Web Services Security from a Java EE Version 1.3 application to a Java EE Version 1.4 application.

Consider the following steps to migrate the client-side
extensions configuration from a Java EE Version 1.3 application to a Java EE Version 1.4 application. These steps are dependent upon the specific configuration. The steps are based on typical scenarios, but the steps are not all-inclusive.

Migrate the message parts that we need to sign or encrypt from the Integrity and Confidentiality sections in the Java EE Version 1.3 application to the Integrity
and Confidentiality sections on the WS Extensions tab in an assembly tool for a Java EE Version 1.4 application.

Configure the Security Token section under the Request
Generator Configuration on the WS Extensions tab if Login Config
section is configured in the Java EE Version 1.3 extensions configuration. When you configure the security token, select the token type in the Token type field that matches the authentication method value of the Login Config in the Java EE Version 1.3 application. For example, if the authentication method in the Java EE Version 1.3 extensions configuration is BasicAuth, then select Username in the Token type field within the assembly tool. For more information on how the authentication methods for Web Services Security map from a Java EE Version 1.3 application to a Java EE Version 1.4 application, see Table 2.
If the authentication method is IDAssertion, there is no action required because in a Java EE Version 1.4 application the identity assertion configuration is not required in the client-side
extensions configuration. In a Java EE Version 1.4 application, the identity assertion configuration is specified in the server-side extensions configuration and in the client-side
bindings configuration.

Migrate the Required Integrity and Required Confidentiality
sections by configuring the Required Integrity and Required Confidentiality
sections in an assembly tool. Migrating the Response Receiver
Configuration section is similar to migrating the Request Receiver
Service Configuration Details section of the server-side extensions configuration. For more information, see Migrate the JAX-RPC server-side extensions configuration.

Migrate the nonce configuration in the Login Config section
in a Java EE Version 1.3 extensions configuration for Web Services Security to a Java EE Version 1.4 application.

Important: Nonce is not configured in a Java EE Version 1.4 extension file for Web Services Security. Rather, it is configured in the binding file for Web Services Security.

To configure a nonce in the binding file, define the com.ibm.wsspi.wssecurity.token.username.addNonce
property in the token generator of the username token.

Configure the Add Timestamp section under the Request Generator
Configuration in the assembly tool if the Add Created Time Stamp option is configured in the Java EE Version 1.3 extensions.

Results

This set of steps describe the types of information that we need to migrate the client-side extensions configuration for Web Services Security for a Java EE Version 1.3 application to a Java EE Version 1.4 application.